Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fortios_system_dns #47

Closed
RichardBotham opened this issue Aug 13, 2020 · 2 comments
Closed

fortios_system_dns #47

RichardBotham opened this issue Aug 13, 2020 · 2 comments

Comments

@RichardBotham
Copy link

Issue with the domain keyword in fortios_system_dns module when using fortinet.fortios collection

ansible version 2.9.7
fortios 6.0.9

When running this playbook an error is generated as follows

---
- name: Configure Fortinet DNS
  hosts: fortinet
  connection: httpapi
  gather_facts: True
  collections:
    - fortinet.fortios

  vars_files:
    - ./group_vars/fortinet_vars.yml
    - ./group_vars/base_vars.yml
    - ./group_vars/cloud_vars.yml

  tasks:
  - name: Configure DNS.
    fortios_system_dns:
      ssl_verify: False
      host:  "{{ ansible_host }}"
      password: "{{ ansible_password }}"
      username: "{{ ansible_username }}"
      vdom:  "{{ vdom }}"
      https: "True"
      system_dns:
        primary: "{{ dns[location.country[0]][0] }}"
        secondary: "{{ dns[location.country[0]][1] }}"
        source_ip: "192.168.127.110"
        domain:
         - 
            domain: "bbc.co.uk"
 

Error


TASK [Gathering Facts] *****************************************************************************************************************************
ok: [fortinet1]

TASK [Configure DNS.] ******************************************************************************************************************************
[WARNING]: The value [{'domain': 'bbc.co.uk'}] (type list) in a string field was converted to "[{'domain': 'bbc.co.uk'}]" (type string). If this
does not look like what you expect, quote the entire value to ensure it does not change.
ok: [fortinet1]

PLAY RECAP *****************************************************************************************************************************************
fortinet1                  : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0 

When the playbook is amended as follows the module operates as expected

- name: Configure Fortinet DNS
  hosts: fortinet
  connection: httpapi
  gather_facts: True

This is the output

PLAY [Configure Fortinet DNS] **********************************************************************************************************************

TASK [Gathering Facts] *****************************************************************************************************************************
ok: [fortinet1]

TASK [Configure DNS.] ******************************************************************************************************************************
changed: [fortinet1]

PLAY RECAP *****************************************************************************************************************************************
fortinet1                  : ok=2    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

This is the resulting configuration


fortinet3 (global) # conf system  dns

fortinet3 (dns) # show
config system dns
    set primary 12.1.1.1
    set secondary 12.1.1.2
    set domain "bbc.com"
    set source-ip 192.168.127.110
end

fortinet3 (dns) #
@JieX19
Copy link

JieX19 commented Aug 13, 2020

Hi @RichardBotham,

Can you please check the runtime module is the one in galaxy collection not the old ansible module? I've noticed hosts, username, password, ssl_verify, https parameters used in the playbook, they'are actually causing the issue you mentioned above.

We use ansible_httpapi_use_ssl [yes/no] and ansible_httpapi_validate_certs [yes/no] instead in collection. And please note if you're using hosts, username, password in the playbook, then the old ansible modules will be called not the ones in collection.

FYI, here's a workable playbook.

- hosts: fortigateslab
  connection: httpapi
  collections:
    - fortinet.fortios
  vars:
    ansible_httpapi_use_ssl: yes
    ansible_httpapi_validate_certs: no
    ansible_httpapi_port: 443
    vdom: "root"
  tasks:
  - name: Configure DNS.
    fortios_system_dns:
      vdom:  "{{ vdom }}"
      system_dns:
        source_ip: "192.168.127.110"
        domain:
          - 
            domain: "bbc.co.uk"

You can config the hosts file under /etc/ansible/hosts and no need to use them in the playbook.

[fortigateslab]
fortigate01 ansible_host=192.168.190.100 ansible_user="admin" ansible_password="password"

[fortigateslab:vars]
ansible_network_os=fortinet.fortios.fortios

@chillancezen
Copy link

@RichardBotham hi Rich,

httpapi is preferred as Jie suggested.

but first make it clear which fortios version it is and install correct fortios collection.
Let's continue to use https://fndn.fortinet.net/index.php?/forums/topic/2269-ansible-and-fortios_system_dns/ to track this issue.

I mark this closed.

thanks,
Link

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants